Gizmo's Freeware Forum

Gizmo's Freeware Forum (https://www.techsupportalert.com/freeware-forum/)
-   General Computer Support (https://www.techsupportalert.com/freeware-forum/general-computer-support/)
-   -   cant keep mozilla foxfire why? (https://www.techsupportalert.com/freeware-forum/general-computer-support/9796-cant-keep-mozilla-foxfire-why.html)

placou 1968 12. May 2012 02:32 AM

cant keep mozilla foxfire why?
 
I recently downloaded mozilla and used the browser for about 2 weeks, (default set) worked just fine, turned on computer today, mozilla firefox browser was not there. i had been getting trojan and malware messages in hitman on the set up download, but not until after it was installed, now i have a new browser with "ask" as my search engine/homepage, it has never been my homepage, I have had the same homepage since 1997
http://i.imgur.com/fp0Ec.png?1
http://i.imgur.com/XenR7.png
I have tried to uninstall from add/remove programs, but i keep getting a message that says.....you must restart your computer to complete an upgrade of firefox. I havent tried to UPGRADE, and turning computer on and off does nothiing to help, can i somehow force an uninstall? how do you clean up behind it if i do get it uninstalled? I also noticed some shortcuts dont work, and under their properties they have been given different (target/paths?)
xp home, sp3, mse, mbam, hitman. updated daily, and now nothing is being picked up as a ware/virus/trojan but where is my browser?

placou 1968 12. May 2012 02:34 AM

im sorry about the large images, i thought they were cropped but i guess not, sorry again

MidnightCowboy 12. May 2012 06:53 AM

This looks very much like your browser has been hijacked by another application. If you've been using it as stated for two weeks then the code responsible would likely not have been in your PC already, but have been picked up from somewhere else.

I would suggest three things:

First, install the WOT (Web Of Trust) browser extension and only open sites with a "green" rating. Better still (my personal opinion only :)) replace Google with the DuckDuckGo search engine and enable WOT icons from the settings panel.

Second, change your DNS settings to use Norton's service. This will also advise you about potentially dangerous sites.

Lastly, install WinPatrol. This is a lightweight HIPS program which will run quite happily alongside other security software and will warn you about Ask and other browser addons should these be included with any other software you might want to install.

The usual practice of only sourcing program downloads from reputable sources also applies, and scanning them via VirusTotal too is worth the extra trouble.

http://www.mywot.com/
https://duckduckgo.com/
http://setup.nortondns.com/
http://www.winpatrol.com/
https://www.virustotal.com/

If you need assistance with any of the above, please ask.

George.J 12. May 2012 07:14 AM

Placou you have downloaded the software from Soft32.com, and they imposes their own download manager for downloading certain softwares.

Firefox by default in Soft32 database doesn't download through their download manager. So there's a chance that you have manually installed Soft32 Download manager on your system.
  1. I advice you to uninstall this download manager using Add/Remove Programs in the Control Panel or use Revo Uninstaller. Read edit portion at the bottom
  1. Then download CCleaner and clean all your temp files by clicking "Run Cleaner".
  1. I also advice you to download MalwareBytes Anti-Malware and update the program and run a quick scan of your system. Post the log file generated in this thread.
  1. Also download HijackThis, accept the licence agreement and click on "Do a system scan and save a log file" and upload the log file generated in this thread.

Warning: Do not attempt to fix any errors or click any other buttons on its interface while using HijackThis.

This is because the download manager recommends you to download & install other programs during the time you are downloading a software from their database. So you might have forgot to uncheck the option to install Ask Toolbar in their download manager.

If you are a newbie I advice you that, when you are downloading & installing programs on your system, please check all the checkboxes, because if you are not doing so, you are inviting crapware to be installed on the system. Also I recommend you to ignore Soft32 for downloading programs and use alternative sites like Softpedia, SnapFiles, FileHippo, MajorGeeks etc. If you would like to monitor any changes made by the software on your system you can download and install WinPatrol

Edit: After a thought, I wonder if Soft32 actually installs their Download manager on your system. I believe the download manager only appears during the time when you download and install a software from their databse on your system. But I don't believe to what extent Soft32 Downloader cleans itself up after downloading & installing a software. In that case, you may just uninstall Soft32 updater if you have installed it on your system, if not skip step1

According to VirusTotal Reports, 5/42 antiviruses swear by their heuristic engine (not through definition files) that Soft32 updater is a generic virus.

George.J 12. May 2012 08:29 AM

Allright, so I just checked about Soft32 Download manager by downloading a software from Soft32.com using their download manager. As far as I can see, the download manager doesn't install on the system but only runs during the time when you download the software (similar to CNET download manager). Sadly it doesn't clean up fully after installation. There are traces left behind in the Temp, Temporary Internet Files, Application Data folder. So you may ignore step 1 that I have mentioned (of the 4 steps) , unless you have Soft32 Updater installed on the system and you may uninstall that. Then continue to step 2.

George.J 12. May 2012 09:34 AM

Quote:

Originally Posted by MidnightCowboy (Post 72323)
Better still (my personal opinion only :)) replace Google with the DuckDuckGo search engine and enable WOT icons from the settings panel.

And mine :)

Quote:

Originally Posted by MidnightCowboy (Post 72323)
Second, change your DNS settings to use Norton's service. This will also advise you about potentially dangerous sites.

I believe malware blocking of NortonDNS is better than the free version of OpenDNS which offers basic malware blocking.

Concerned User 12. May 2012 10:15 AM

That does look nasty. Hoping that you're logging in as a non admin user in Windows XP.

Hopefully, your problem is resolved. If you're not using sandboxie, go ahead and give it a try:)

MidnightCowboy 12. May 2012 10:25 AM

1 Attachment(s)
Quote:

Originally Posted by George.J (Post 72327)
And mine :)


I believe malware blocking of NortonDNS is better than the free version of OpenDNS which offers basic malware blocking.

According to my understanding OpenDNS has NO malware blocking feature in the free version. All you get is protection against known phishing sites unless you upgrade to their commercial plan. I have always disliked the way they market themselves in this area because everyone I speak to who uses OpenDNS (free) believes they do have malware protection.

Attachment 1179

George.J 12. May 2012 12:13 PM

Quote:

Originally Posted by MidnightCowboy (Post 72329)
According to my understanding OpenDNS has NO malware blocking feature in the free version. All you get is protection against known phishing sites unless you upgrade to their commercial plan. I have always disliked the way they market themselves in this area because everyone I speak to who uses OpenDNS (free) believes they do have malware protection.

Attachment 1179

OpenDNS basic and deluxe versions does have basic Botnet/Malware protection, that was responsible for blocking Conficker worm & Microsoft Zero day exploits. This basic malware protection blocks Internet bots and dangerous websites. Whereas "Malware site protection feature" (brand new and totally different from basic malware protection) is exclusive to the Enterprise version. It has been promised that, this feature may be available for the deluxe and free versions over time.

MidnightCowboy 12. May 2012 12:43 PM

Quote:

Originally Posted by George.J (Post 72330)
OpenDNS basic and deluxe versions does have basic Botnet/Malware protection, that was responsible for blocking Conficker worm & Microsoft Zero day exploits. This basic malware protection blocks Internet bots and dangerous websites. Whereas "Malware site protection feature" (brand new and totally different from basic malware protection) is exclusive to the Enterprise version. It has been promised that, this feature may be available for the deluxe and free versions over time.

Are you able to provide a link to where you saw this information because I've not been able to confirm it and OpenDNS do not respond to my emails. :)

I'm aware they promote this on their site:

"OpenDNS owns and operates PhishTank, the largest clearinghouse of phishing information on the Internet. OpenDNS incorporates PhishTank into its services to protect you from fraudulent websites that attempt to steal your personal information and money. In addition, OpenDNS provides protection against two of the most pervasive Internet security threats that continue to infect millions of users Conficker, the largest botnet, and Internet Explorer exploits".

... but this is not malware protection. Sure they guard against Conficker but so does every AV worth installing. I.E. exploit protection is also worth having for the diminishing numbers of IE users, but it still 'ain't malware protection as all of the OpenDNS users I've encountered believe they have.


All times are GMT +1. The time now is 04:09 PM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2020, vBulletin Solutions, Inc.